AMENDMENT UNDER 37 C.F.R. § 1.114(c) 
U.S. Application No.: 10/511,898 



Attorney Docket No.: Q83 178 



AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions and listings of claims in the 

application: 

LISTING OF CLAIMS: 

1 . (previously presented): A data processing device, including computer-executable 

instructions stored on a computer-readable medium, installed in a data processing server, said 
device comprising: 

a first table storing sets of at least one primary rule, called "primary metarules," in a 
parameterizable form and in corresponding relationship to primary identifiers; and 

management means which is coupled to control means of said data processing server and, 
on receipt of auxiliary data representing operating parameters that request reconfiguration of the 
control means, the auxiliary data delivered by said control means after reception by the data 
processing server of secondary data that requires reconfiguration of the control means, selects at 
least one of the primary identifiers in the first table and associates said auxiliary data therewith 
so as to define dedicated processes of said control means; 

wherein said control means applies said defined dedicated processes to process primary 
data received by said data processing server, said data processing server transmitting said 
primary data based on said processing; and 
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wherein said at least one primary metarule is specified according to a string of characters 
containing a place-holder for each parameter of said primary metarule that is not statically 
defined. 

2. (previously presented): A device according to claim 1, further comprising a 
second table accessible to said management means in which are stored secondary identifiers each 
in corresponding relationship to at least one selected primary identifier associated with auxiliary 
data. 

3. (previously presented): A device according to claim 2, wherein said management 
means, on receipt of said auxiliary data, determine whether the at least one selected primary 
identifier corresponding to the type of said auxiliary data is present in the second table, and 
associate the at least one selected primary identifier with new auxiliary data so as to adapt said 
dedicated processes. 

4. (previously presented): A device according to claim 2, wherein certain selected 
primary metarules in the second table are grouped into secondary metarules represented by 
secondary identifiers. 

5. (previously presented): A device according to claim 1, wherein said management 
means comprise a multiplicity of management submodules each of which manage the association 
of auxiliary data with at least one primary or secondary metarule and, on receipt of said auxiliary 
data, determine which of said management submodules corresponds thereto. 
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6. (previously presented): A device according to claim 2, wherein said management 
means are adapted, on receipt of said auxiliary data communicated by the server to add, delete or 
modify primary or secondary metarules or auxiliary data in the second table associated with said 
primary or secondary metarules. 

7. (previously presented) A device according to claim 1 , wherein said management 
means and said tables are part of a metafirewall which manages a firewall equipping said server. 

8. (previously presented): A firewall comprising a device according to claim 1 . 

9. (previously presented): A data processing method, comprising: 

storing in a first table sets of at least one primary rule, called "primary metarules," in a 
parameterizable form and in corresponding relationship to primary identifiers; 

on receipt of auxiliary data representing operating parameters that request reconfiguration 
of the control means, the auxiliary data delivered by the server after the receipt of secondary data 
that requires reconfiguration of the control means, selecting at least one of the primary identifiers 
in the first table; 

associating said auxiliary data with said selected primary identifier so as to define said 
dedicated processes; and 

applying said dedicated processes based on primary rules to process primary data 
received by a data processing server, and transmitted by said data processing server based on 
said processing; 
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wherein said at least one primary metarule is specified according to a string of characters 
containing a place-holder for each parameter of said primary metarule that is not statically 
defined. 

10. (previously presented): A method according to claim 9, wherein during the 
preliminary step, secondary identifiers each in corresponding relationship to at least one selected 
primary identifier associated with auxiliary data are stored in a second table. 

1 1 . (previously presented): A method according to claim 1 0, wherein on receipt of 
the auxiliary data, it is determined whether the at least one selected primary identifier that 
corresponds to the type of the auxiliary data is present in the second table, and to associate the at 
least one selected primary identifier with new auxiliary data so as to adapt said dedicated 
processes. 

12. (previously presented): A method according to claim 1 0, wherein certain primary 
metarules in the second table are grouped into secondary metarules represented by secondary 
identifiers. 

13. (previously presented): A method according to claim 9, wherein there are 
executed in parallel the selection of the primary or secondary metarules in the first table and the 
modification of the auxiliary data in the second table associated with the secondary identifier 
representing the selected primary or secondary metarules. 
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14. (previously presented): A method according to claim 9, wherein on receipt of 
complementary data communicated by said server, primary or secondary metarules are added to, 
deleted from or modified in the second table. 

15. (currently amended): A network data processing device, comprising: 
a network data processing module; [[and]] 

a management module coupled to said network data processing module, said 
management module comprising a first memory containing a first table, said first table 
containing primary identifiers associated with at least one parameterized rule for providing 
direction to said network data processing module when one or more of said primary identifiers 
and said at least one parameterized rule are associated with at least one parameter value; and 

wherein the management module includes a configuration module which decides when to 
make modifications to a current configuration of a firewall, 

wherein said network data processing module, in response to receiving said direction, 
manages network data according to said direction; and 

wherein said at least one parameterized rule is specified according to a string of 
characters containing a place-holder for each parameter of said parameterized rule that is not 
statically defined, wherein the place-holder is relevant to the rule. 

16. (previously presented): A device according to claim 15, said management module 
further comprising a second memory containing a second table, said second table containing 
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secondary identifiers associated with at least one of said primary identifiers and one or more 
respective parameter values. 

17. (previously presented): A method of processing network data, comprising: 

storing as entries in a first table, primary identifiers, each with one or more associated 
parameterized rules; 

receiving data comprising at least one parameter value; and 

making a determination whether said parameter value can be associated with an existing 
one of the entries in said first table; 

when the determination is affirmative, making a combination of said parameter value and 
said associated parameterized rules, and communicating said combination to a network data 
processing module so as to direct the management of network data by said network data 
processing module; 

wherein each of said associated parameterized rules is specified according to a string of 
characters containing a place-holder for each parameter of said associated parameterized rule that 
is not statically defined, wherein the place-holder is relevant to the rule. 

18. (previously presented): A method of processing network data, comprising: 

storing as entries in a first table, first primary identifiers, each with one or more 
associated parameterized rules; 
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storing as entries in a second table, secondary identifiers, each with one or more 
associated second primary identifiers and one or more associated parameter values; 

receiving data comprising at least one new parameter value; 

determining at least one associable second primary identifier which said new parameter 
value can be associated with; 

storing said new parameter value in association with said associable second primary 
identifier; 

determining current associated parameter values and corresponding parameterized rules 
for each of said secondary identifiers; 

making a combination of said current associated parameter values and said corresponding 
parameterized rules for directing said network data processing module; and 

communicating said combination to a network data processing module so as to direct the 
management of network data by said network data processing module; 

wherein each of said associated parameterized rules is specified according to a string of 
characters containing a place-holder for each parameter of said associated parameterized rule that 
is not statically defined, wherein the place-holder is relevant to the rule. 
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1 9 . (previously presented) : The data processing device according to claim 1 , 
wherein the primary metarule comprises one of definitions and prototypes of sets of the least one 
primary rule. 
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